By default, a Cloud Server Snapshot will not necessarily allow you to properly recover a Microsoft Windows Active Directory (AD) server. Microsoft recommends using the Windows Backup Server feature. This article provides a suggested approach to using this feature in conjunction with CloudControl's Cloud Server Snapshot feature.
This Article Provides an OVERVIEW of Approach
This article provides an overview of the suggested approach and is designed to be adapted by Windows engineers familiar with Windows Server Backup and the issues around Active Directory backups as well as their specific application. The specific steps may vary slightly depending on the specific Windows OS used. In addition, given the variety of potential configurations, some changes to the approach may be required for a user's specific scenario. We strongly recommend implementing and then testing any restoration approach prior to relying on it for production purposes.
- Server must be running VMware Tools with at least v10.2. We recommend using the latest version of VMware Tools.
- Windows Server Backup uses Volume Shadow Copy Service (VSS). The VSS driver is part of the VMware Tools installed on the Windows VM. However, the 'Windows Server Backup' jobs will fail on Windows VMs running VMware tools version 10.1 or older as described in this KB Article from VMware.
- See How to Update VMware Tools on a Cloud Server for details on how to update to the latest VMware Tools version
Configuring Active Directory Server for Windows Server Backup
No Other Active Directory Servers Can Be Available During Configuration!
The documented restore steps should be performed when no other Active Directory (AD) Server is available!
Open Server Manager, then click on Add Roles and Features. Skip the Welcome page by clicking on the Next button. Select the server on which you want to install the backup server. Click the Next button. In the features page, scroll down and select "Windows Server Backup", then click Next:
The Confirm Installation Selections dialog will be displayed. Verify that Windows Server Backup is displayed, then click Install:
Once the installation is complete, click Close:
Navigate to Server Manager. Then, click on Tools. Click on Windows Server Backup at the end of the list to open the server:
Server Backup will be displayed, click on Backup Schedule. This will open a 'Backup Schedule Wizard':
On the Backup Schedule Wizard window, navigate to "Select Backup Configuration" and select "Custom". Then, click "Next":
The "Select Items for Backup" screen will be displayed. Click on "Add Items":
Make sure that the "System State" box is checked, then click "OK":
Click on Advanced Settings:
Navigate to "VSS Settings" and select "VSS Full Backup". Click "OK", then click "Next":
The "Specify Backup Time" screen will be displayed. Select "More than once a day" and use the Add/Remove buttons to add the time(s) at which the system should be backed up. Then click Next:Note: In this case, all available time slots were selected
The "Specify Destination Type" dialog will be displayed. Select "Back up to a volume". Then click Next:
The "Select Destination Volume" dialog will be displayed. Click Add:
Select the volume that you want to use for the backup. Click "OK". Then click Next:
Click "Finish" to complete the configuration process:
You should see a status message saying "You have successfully created the backup schedule". Click "Close" to exit:
The "Backup Progress" dialog will display the progress of any backups:
Restoring Active Directory Using Cloud Server Snapshot and Windows Server Backup
Create a Snapshot Preview Server as described in:
Confirm the snapshot represents what you want to restore and then migrate the server to production storage infrastructure as described in:
Ping the Domain Name - it should resolve to IPv6
Confirm that 'Windows Server Backup' is configured as the original Domain Controller. Now, on the Snapshot Preview Server, perform a restore from a Windows Server Backup.
The first step to perform a restore from a Windows Server Backup is to start in Directory Service Restore Mode (DSRM) and this can be achieved with the following command:
bcdedit /set safeboot dsrepair
Run the following command to restart the server in safe mode:
Shutdown -r -t
Once the Snapshot Preview server is back online, login as 'Administrator' (at this point no other user account works except Administrator). Go to Windows Server Backup and click on 'Recover' under the Actions tab on the right.
This will open 'Recover Wizard'. Select where the backup was stored. In our case, the backups are stored in another location:
Select "A backup stored on another location"
On 'Specify Location Type', select 'Local Drives' and click 'Next':
On the next screen, 'Select Backup Location', choose the location where the backup is stored and click 'Next':
Note: In this example, the backup location is on 'Backup Volume(D:). You should select the location where your backup is located.
Now, select the server whose data you would like to recover. In our case, it is 'ADTEST19N01'. Click Next:
On the next screen, select from the available backups and click Next:
Note: In this example, we chose the oldest backup available
On the next screen which asks 'Select Recovery Type', select 'System State' and click 'Next':
On the next screen which asks 'Select Location for System State Recovery', select 'Original Location' and make sure you have the option 'Perform an authoritative restore of Active Directory files' checked. Click 'Next':
You will see a message that the recovery option will cause all replicated content on the local server to re-synchronize after recovery. This may cause potential latency or outage issues. Click 'OK':
On the next screen 'Confirmation', Click 'Recover':
You will see a warning message "System state recovery cannot be paused or cancelled once it has started. It will need a restart of the server to complete the recovery operation. Do you want to continue?" Click 'Yes':
The following screenshots show the progress of the restore process:
Once the Recover status says 'Completed', you will see a message "The computer must be restarted to complete the recovery operation". Click 'Restart':Note: This will restart the server!
You will see a message "The system state recovery operation that started at <date and time> has successfully completed. Press ENTER to continue". Press Enter:
Now, go to Start and run 'cmd', this will open a command prompt window. Run the following command to get the server out of safeboot mode:
bcdedit /deletevalue safeboot
shutdown -r -t
This will restart the Server into normal mode.